Method and system for securing wireless communications

ABSTRACT

A method and system for securing wireless communications is disclosed. In one embodiment, different security policies are used based on the distance between a receiver and a transmitter, whereby data in the wireless communications can only be demodulated if received in particular trust zones. In another embodiment, a plurality of bit stream fragments are transmitted by a plurality of transmitters to a receiver located in an area where transmission patterns radiated by the transmitters intersect. Alternatively, the receiver performs a function on packet data units (PDUs) transmitted by the transmitters. In yet another embodiment, primary modulation points of a modulation constellation are split into clusters of proximate secondary modulation points which can be demodulated only by a receiver that is within range of the transmitter. In yet another embodiment, a main waveform is transmitted which overlays a QPSK signal with hierarchical modulation (HM) having encoded descrambling information.

CROSS REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional Application Nos.60/630,730 filed Nov. 23, 2004, 60/661,856 filed Mar. 15, 2005 and60/684,257 filed May 25, 2005, which are incorporated by reference as iffully set forth.

FIELD OF INVENTION

The present invention relates generally to wireless communications. Morespecifically, the present invention is related to a method and systemfor securing such wireless communications by strategically positioningthe source and/or the recipient of the communications.

BACKGROUND

As wireless connectivity becomes more pervasive and reliable, it isexpected that all the digital computing, data storage and media storagedevices that are in widespread use today will become part of Ad-hocwireless communication networks. However, such networks are susceptibleto data security breaches in many respects. For example, Ad-hocnetworks, where individual users communicate with each other directlywithout using intermediary network nodes, create new susceptibilities tothe users and networks.

To reduce the susceptibility of wireless networks, techniques such aswired equivalent privacy (WEP), Wi-Fi protected access (WPA), extensibleauthentication protocol (EAP) and GSM-based encryption have beendeveloped. Although these techniques provide some protection, they arestill susceptible to various trusts, rights, identity, privacy andsecurity issues. For example, although a particular wirelesscommunication node may have the correct WEP keys to communicate with awireless user, that user may not know whether the particular node can betrusted.

Additionally, authentication of the user using these keys typicallyoccurs at higher layers of the communication stack. Accordingly, evenwhen these controls are in place, a rogue wireless user or hacker mayhave some (although limited) access to the communication stack. Thisaccess creates vulnerabilities, such as denial of service attacks, amongothers.

The fact that wireless signals degrade with distance introduces anatural measure of security since intercepting a signal requires one tobe sufficiently close to the source to detect it. This is particularlytrue in small networks, where the transmit power is typically low andcommunications typically occur at highest rates and in an Ad-hocfashion. In many situations, physical proximity may be the mostdifficult attribute for a malicious attacker to attain. In factcommunication which can only be detected within a very short proximityof the transmitter may not need to be very well protected.

Accordingly, it would be desirable to implement a security system forwireless networks which can take advantage of the natural securityoffered by degradation of wireless signals. Furthermore, it would bedesirable to ensure that any information transmitted to a user isaccessible only at the location of the user, such that a “eavesdropper”located in the general proximity of the user, but not at the user'simmediate location, is prevented from receiving complete messagestransmitted to the user.

SUMMARY

The present invention is related to a method and system for securingwireless communications. In one embodiment, different security policiesare used based on the distance between a receiver and a transmitter,whereby data in the wireless communications can only be demodulated ifreceived in particular trust zones. In another embodiment, a pluralityof bit stream fragments are transmitted by a plurality of transmittersto a receiver located in an area where transmission patterns radiated bythe transmitters intersect. Alternatively, the receiver performs afunction on packet data units (PDUs) transmitted by the transmitters. Inyet another embodiment, primary modulation points of a modulationconstellation are split into clusters of proximate secondary modulationpoints which can be demodulated only by a receiver that is within rangeof the transmitter. In yet another embodiment, a main waveform istransmitted which overlays a QPSK signal with hierarchical modulation(HM) having encoded descrambling information.

BRIEF DESCRIPTION OF THE DRAWINGS

A more detailed understanding of the invention may be had from thefollowing description, given by way of example and to be understood inconjunction with the accompanying drawings wherein:

FIG. 1 is a graphical representation showing a relationship betweeneffective input SNR of a receiver's decoder and the decoder's outputBER;

FIG. 2 is a block diagram of a wireless communication system including atransmitter and a receiver used to secure wireless communications inaccordance with the present invention;

FIG. 3 is a graphical representation showing a relationship betweennormalized secure proximity radius (NSPR) and known symbols for R=1,γ=2;

FIG. 4 is a graphical representation showing a relationship between NSPRand known symbols for, R=1, γ=4;

FIG. 5 is a graphical representation showing a relationship between NSPRand known symbols for R=½, γ=2;

FIG. 6 is a graphical representation showing a relationship between NSPRand known symbols for and R=½, γ=4;

FIG. 7 is a diagram of a security network with multiple trust zones usedto secure wireless communications in accordance with one embodiment ofthe present invention;

FIG. 8 is a conventional network in which an eavesdropper may intersecta bit stream transmitted from an AP to a WTRU;

FIG. 9 is a network in which each of a plurality of APs transmits PDUsto a WTRU located in a trust zone intersected by the transmissionpatterns of each of the APs to secure wireless communications inaccordance with another embodiment of the present invention; and

FIG. 10 shows a QPSK modulation constellation which illustrates howwireless communications are secured in accordance with yet anotherembodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Hereafter, the terminology “wireless transmit/receive unit” (WTRU)includes but is not limited to a user equipment (UE), a mobile station,a fixed or mobile subscriber unit, a pager, a station (STA) or any othertype of device capable of operating in a wireless environment. Whenreferred to hereafter, the terminology “access point” (AP) includes butis not limited to a base station, a Node-B, a site controller or anyother type of interfacing device in a wireless environment.

The present invention is based on the fact that most conventionalchannel codes, (e.g., Turbo codes, low density parity check (LDPC)codes, or the like), are operating close to the Shannon limit in mostpractical scenarios. As applied to wireless communication systems,(ignoring the effect of fading), the receiver's ability to demodulatedata is almost a binary function of the effective SNR at the input tothe receiver's decoder.

The features of the present invention may be incorporated into anintegrated circuit (IC) or be configured in a circuit comprising amultitude of interconnecting components.

FIG. 1 is a graphical representation showing a relationship betweeneffective decoder input SNR and a decoder output BER. A critical SNRexists such that if the actual effective SNR falls below the criticalSNR, the decoder fails completely, (i.e., the decoder's output BEReffectively 1), and data in a wireless communication cannot be read.Conversely, if the actual effective SNR at the decoder input is abovethe critical SNR, the probability of error at the decoder output isextremely low and the data in the wireless communication can be readwith very high probability.

Since it is assumed that the channel code approaches the Shannon limit,it can be assumed that the coding is performed at the Shannon capacityrate. Moreover, it is convenient to actually work in terms of spectralefficiency, since this makes the numeric results independent of thebandwidth. For a complex-valued additive white Gaussian noise (AWGN)channel, the Shannon capacity rate is given by:R=log₂(1+SNR);  Equation (1)where SNR is used in the E_(b)/N_(o) sense. It is assumed that forcoding rates above this rate, reliable information decoding is notpossible and for coding rates below this rate, reliable informationdecoding is essentially guaranteed. In fact, with large-block lengthcodes, such as LDPC and Turbo codes, this is a realistic assumption.

The SNR basically depends on the distance between the transmitter andthe receiver. The SNR dependency on the distance from the transmitter isgiven by a power law as follows: $\begin{matrix}{{{{SNR}\quad(d)} = \frac{E}{d^{\gamma}}};} & {{Equation}\quad(2)}\end{matrix}$where E is a nominal SNR at a distance of 1 unit. In free space, theexponent γ is 2, but in practical wireless networks, the exponent γ issomewhere between 3 and 4, depending on the channel topology.

Let SNR_(c) be the critical SNR for the chosen coding scheme. Then, thedistance covered with this critical SNR is determined as follows:$\begin{matrix}{{d = \sqrt[\gamma]{\frac{E}{{SNR}_{c}}}};} & {{Equation}\quad(3)}\end{matrix}$and it can be rewritten in dBs as follows: $\begin{matrix}{{\log\quad d} = {{\frac{1}{\gamma}\left( {{\log\quad E} - {\log\quad{SNR}_{c}}} \right)} = {\frac{1}{\gamma}{\left( {E_{dB} - {SNR}_{c_{dB}}} \right).}}}} & {{Equation}\quad(4)}\end{matrix}$

The present invention makes d a function of security policy. Bydynamically choosing d, a receiver at a distance closer than d canoperate with a looser security policy, while a receiver with a distancebeyond d will require a stricter security policy.

In a typical communication scheme, the channel coding scheme is fixedsince it is quite expensive to have “programmable” decoders forcompletely different coding schemes. Thus, SNR_(c) is fixed. Then, fromEquations (3) and (4), d can be controlled by controlling E and γ in acommunication system. In order to achieve this goal, at least one ofthese controls must vary depending on extrinsic security-relatedinformation that a receiver may or may not possess.

E is defined as a nominal SNR at a unit distance. In reality, E is atransmit power per information bit intended to a particular receiver.The nominal SNR definition is necessary since the power law model ofEquation (2) breaks down for small values of d and leads to infiniteSNRs. Thus, controlling E means controlling the output power perinformation bit. For example, the control of the output power perinformation bit may be accomplished in any one or combination of thefollowing processes:

1) by directly controlling the output power applied to the particularreceiver's data;

2) by reducing the output SNR and hence the receiver's receive SNR byadding an additional noise like signal to the transmitted signal. Thishas the advantage of maintaining constant output power whilst regulatingthe SNR to individual receivers.

3) by controlling a modulation scheme, (e.g., selectingQPSK/M-quadrature amplitude modulation (QAM)/M-phase-shift keying(PSK)/frequency-shift keying (FSK), or the like);

4) by adjusting a bit length (e.g. for UWB systems);

5) by controlling jitter and timing of transmission;

6) by controlling an effective coding rate for the data to the receiver,which is a preferred one in the present invention. This method offersthe ability, in a WLAN system, to maintain constant power level betweenthe APs and WTRU in such a way as to maintain a uniform and regular gridspacing between the various APs in a system without affecting theperformance of the CSMA system from fluctuating transmit power levels;

7) by changing the rate matching rules so as to introduce puncturing orrepetition of symbols and hence the effective bit energy;

8) by controlling a modulation index; and

9) by controlling the amount of interference the receiver willexperience.

The interference control can be accomplished by one or combination ofthe following ways, but is not limited to:

1) by applying variable interference management techniques, such aspre-equalization to the desired receiver's signal and/or the interferingreceiver's signal and varying the degree to which cross-interference isremoved or introduced;

2) by selective power control, (the power control could be a jointlyoptimized process with the security policy);

3) by time/frequency/code scheduling to control the number of potentialinterferers;

4) by dynamic interference control, (e.g., turned on and off); and

5) by signaling through a third party beacon which in turn transmitssignals creating additional interference pattern.

Additionally, in the presence of multiple receive antennae, the value ofE can be made dependent on the angular location of the receiver withrespect to the transmitter (Θ), (i.e., E=E(Θ), and consequently d can bemade as a function of Θ as well. This introduces another set of controlpossibilities, which include, but not limited to, the following ways:

1) beamforming towards or away from the receiver in azimuth, elevationor both;

2) interference management using smart antenna techniques; and

3) introduction of transmission patterns.

With respect to γ, the value of γ depends on Doppler spread of thereceived signal, which generally depends on the relative velocity of thereceiver with respect to the transmitter and the geography of theirenvironment. However, the transmitter can artificially increase theDoppler spread by internal signal processing. Since the value of γdepends on the geography of the environment, if the transmitter isequipped with a plurality of antennas, it can control γ to some extentby aiming the transmitted signal in an appropriate fashion.

The receiver may detect the presence of an adversary actively tamperingwith the wireless channel in accordance with the present invention. Ifthe receiver is informed through auxiliary means that the receivershould be able to successfully demodulate the data stream, but is infact unable to do so after a sufficiently large number of attempts, andsince the security policy and the communication controls of the receiverare set in such a way as to enable the demodulation of the data stream,the receiver can then assume that the wireless channel is being tamperedwith.

The present invention preferably utilizes a code rate as a parameterdepending on the security policy of the receiver. Typically, the abilityof the receiver to demodulate a signal depends on geography, (theeffective distance), which is more complex than a straight-linedistance. If necessary, the transmitter and the receiver can discoverthe effective distance between them by slowly increasing, (oralternatively decreasing), one or more of the control parameters anddetecting the point at which reliable data decoding becomes possible,(or alternatively is no longer possible).

FIG. 2 is a block diagram of a communication system 100 including atransmitter 110 and a receiver 120 in accordance with the presentinvention. The transmitter 110 comprises a protocol stack unit 112, achannel encoder 114, a rate matching unit 115, a multi-layer secure bit(MLSB) scrambler 116 and a physical channel processing unit 118. Thereceiver 120 comprises a physical channel processing unit 128, an MLSBdescrambler 126, a rate de-matching unit 125, a channel decoder 124 anda protocol stack unit 122. The protocol stack units 112, 122, thechannel encoder 114, the rate matching unit 115, the rate de-matchingunit 125, the channel decoder 124 and the physical channel processingunits 118, 128 are essentially the same components as used inconventional transmitters and receivers. The protocol stack unit 112generates an information stream and this information stream is encodedfor error protection by the channel encoder 114, and then is furtherprocessed to be transmitted via a wireless channel 130, (i.e., aparticular air interface), by the physical channel processing unit 118.This process is reversed at the receiver 120.

The channel encoder 114 maps a sequence of input data to a sequence ofoutput channel symbols. The MLSB scrambler 116 scrambles the channelsymbols. The channel symbols may be bits or higher-order modulationsymbols. Not all the symbols need to be scrambled. The MLSB scrambler116 may take a subset of symbols and scrambles them. Receivers should beaware of which symbol positions are scrambled.

Several security layers are defined in accordance with the presentinvention. The proportion of the scrambled symbols that a MLSBdescrambler 126 can descramble depends on the security layer. For anysymbol that the MLSB descrambler 126 can descramble, the MLSBdescrambler 126 does so. For any symbol that the MLSB descrambler 126cannot descramble, the MLSB descrambler 126 inserts an erasure, (i.e., achannel observation of 0), for that symbol. Any conventional channeldecoder is capable of operating with erasures. Therefore, this does notpresent a problem to a current system.

The effect of the security system in accordance with the presentinvention on those receivers which are not able to descramble allsymbols is an increase in the code rate and a simultaneous reduction inthe effective SNR per information bit. The specific amount of code-rateincrease and effective SNR reduction depends on the security level,which will be explained hereinafter.

The rate matching unit 115 in the transmitter 110 operates in accordancewith rate matching rules, which may be changed so as to introducepuncturing or repetition of symbols and hence the effective bit energy.A channel with a code rate R is utilized. R can be greater than 1 bitper channel symbol and the effective rate for security layer n is givenby: $\begin{matrix}{{R_{n} = \frac{R}{1 - {\theta\quad\left( {1 - e_{n}} \right)}}};} & {{Equation}\quad(5)}\end{matrix}$where θ denotes the proportion of the scrambled symbols and e_(n) is theproportion of symbols that a descrambler, (i.e., the rate de-matchingunit 125 in the receiver 120), with a security layer n can descramble.In all cases, e_(n)ε[0,1], e₁=0, e_(N)=1. The initial SNR perinformation bit, (more precisely E_(b)/N_(o)), is denoted by E₀. Theeffective SNR for security layer n is given by:E _(n) =E ₀(1−θ(1−e _(n))).  Equation (6)

Both the rate and the SNR are simply scaled by the proportion ofnon-scrambled known bits, which is given by:η_(n)=1−θ(1−e _(n)).  Equation (7)Therefore, it is sufficient to formulate the analysis exclusively interms of this quantity. The SNR dependence on the distance from thetransmitter is given by Equation (2).

In accordance with the present invention, it is determined that given acertain proportion of non-erased symbols, (i.e., symbols that thereceiver is able to unscramble), the distance from the transmitter tothe receiver, in order to be able to demodulate the data can bedetermined. Equation (2) is substituted into Equation (7) and solved ford to obtain the following equation: $\begin{matrix}{d = {\sqrt[\gamma]{\frac{E}{2^{R} - 1}}.}} & {{Equation}\quad(8)}\end{matrix}$

Next, given that a percentage η of the symbols are not erased, Equations(5) and (6) are substituted into Equation (9) to obtain the followingequation: $\begin{matrix}{{d\quad(\eta)} = {\sqrt[\gamma]{\frac{\eta\quad E}{2^{R/\eta} - 1}}.}} & {{Equation}\quad(9)}\end{matrix}$

The percentage of distance achievable with a particular security level ηcan be expressed as a percentage of distance achievable with fullsecurity (η=1). This is the NSPR which is defined as follows:$\begin{matrix}{{\overset{\_}{d}\quad(\eta)} = {\frac{\mathbb{d}(\eta)}{\mathbb{d}(1)}{\sqrt[\gamma]{\frac{\eta\quad\left( {2^{R} - 1} \right)}{2^{R/\eta} - 1}}.}}} & {{Equation}\quad(10)}\end{matrix}$

The NSPR does not depend on E, although it does depend on the nominaltransmission rate. As an example, FIGS. 3-6 present plots of NSPR versuspercentage of known symbols for 4 different scenarios: R=1, γ=2; R=1,γ=4; R=½, γ=2; and R=½, γ=4, respectively. From the simulation results,it is observed that by revealing only 50% of the channel symbols,receivers located farther than about 60% of the “fully secure”transmission radius can be prevented from demodulating the information.Thus, if a receiver is beyond the effective distance for its securityparameter, it is theoretically prohibited from decoding the data with aBER much better then 50%.

FIG. 7 shows a security network 700 including a plurality of WTRUs 705,710, 715, 720 and 725 which operate in a plurality of non-overlappingtrust zones 730, 740, 750 or a “no trust zone” area 760 external to thetrust zones. The trust zones 730, 740, 750 and the “no trust zone” 760are established as follows:

Transmission parameters, such as a code rate scheme, puncturing scheme,power scheme or the like, are chosen such that a receiver, (i.e., aWTRU), outside of the boundary between the trust zone 750 and the “notrust zone” 760 is not capable of decoding the transmission signal, evenif the receiver is fully aware of all transmission parameters.Furthermore, a bit scrambling scheme, (to be implemented by the MLSBsub-system), is chosen such that receivers inside the trust zone 730 areable to demodulate the data, even if the receivers do not know any ofthe scrambled bits. The received power will be high enough such thatsuccessful demodulation can occur, even if the scrambled bits are simplytaken to be punctured.

Receivers in the trust zone 740 are no longer able to demodulate thesent data unless they are aware of some of the scrambling patternapplied by the MLSB. Accordingly, receivers located in trust zone 740will be forced to go through some kind of authentication procedure withthe transmitter so that some necessary portion of the scramblingsequence is revealed to them.

Receivers in the trust zone 750 are not able to demodulate the datatransmitter, even if they are aware of the portion of the scramblingsequence revealed to the receiver in the trust zone 740, (e.g., byoverhearing the side communication whereby those receivers were allowedaccess to this sequence). Instead, they are required to requestadditional information about the scrambling sequence, (e.g., they mayneed to know the full sequence), and thus must go through a separate,(potentially more demanding), authentication process then receivers inthe trust zone 740. As mentioned before, receivers in the area 760cannot demodulate the sent data under any circumstances.

In accordance with the embodiment of the present invention describedabove, the distance from a transmitting WTRU 705 to a receiving WTRU isa function of security policy. By dynamically choosing the distance d,(e.g., 50 meters), a receiving WTRU 710 at a distance closer than d canoperate with a looser security policy, while receiving WTRU 715, 720 and725 with a distance beyond d will require a stricter security policy.

FIG. 8 shows a conventional network 800 which includes an AP 805 and aWTRU 810. When the AP 805 transmits a bit stream 815 to the WTRU 810, aneavesdropper 820 within range of the AP 805 is able to receive theentire bit stream, e.g., 111000101.

FIG. 9 shows a network 900 including a plurality of access points (APs)905, 910, 915, a WTRU 920 and the eavesdropper 820 of FIG. 8 inaccordance with one embodiment of the present invention. By using aplurality of APs 905, 910, 915, rather than only the sole AP 805 in theconventional network 800 of FIG. 8, the bit stream 815 is secured frombeing decrypted by the eavesdropper 820. The WTRU 920 is located at theintersection 935 of the transmission patterns of the APs 905, 910 and915, whereby the WTRU 920 will receive a first fragment 930 _(A) of thebit stream 815, “111”, from the AP 905, a second fragment 930 _(B) ofthe bit stream 815, “000”, from the AP 910, and a third fragment 930_(C) of the bit stream 815, “101”, from the AP 915. Each fragment 930_(A), 930 _(B), 930 _(C) is referred to as a PDU and the original bitstream “111000101” is referred to as a service data unit (SDU). The WTRU920 then reassembles the entire encrypted SDU from the three PDUs 930_(A), 930 _(B) and 930 _(C). Since the eavesdropper 820 is notphysically located at the intersection 935 of the transmission patternsof the APs 905, 910 and 915 such that all of the fragments 930 _(A), 930_(B), 930 _(C) are received at an error rate comparable to that of theWTRU 920, the eavesdropper 820 is unable to decipher the entire bitstream 815, (even with knowledge of a secret key).

In the network 900 of FIG. 9, the SDU that is deciphered by the WTRU 920is 111000101, where PDU_(A)=111, PDU_(B)=000 and PDU_(C)=101. If theeavesdropper 820 manages to decipher two out of the three PDUs, (e.g.,000 and 101), the eavesdropper 820 will have managed to obtain someinformation which is incomplete but correct.

In an alternative embodiment, any PDUs that the eavesdropper 820 doesreceive are rendered meaningless if incomplete. For example, the SDUthat needs to be sent to the WTRU 920 in the network 900 is 111000101.However, three PDUs that are sent by three different APs 905, 910 and915, (e.g., PDU1, PDU2, PDU3), are not fragments, as illustrated by FIG.9, but are instead selected such that the SDU=PDU1 XOR PDU2 XOR PDU3where PDU1=100110011, PDU2=110000111 and PDU 3=101110001, such that theSDU=100110011XOR110000111XOR101110001=111000101, where XOR is anexclusive-or function. Thus, assuming that the WTRU 920 is located atthe intersection 935 of the transmission patterns of the APs 905, 910and 915, the WTRU 935 is able to receive all three PDUs and XOR the PDUstogether to decipher the SDU 111000101. If the eavesdropper 820 captureseven two of these three PDUs, they are completely meaningless withrespect to deciphering the SDU. Alternative mechanisms other than XORare also possible such as scrambling the packet and sending differentbits from different transmitters in such a manner as to rendermeaningless the transmissions, unless all transmissions are receivedsuccessfully.

In another embodiment, a location-based authentication mechanism may beincorporated in the network 900 of FIG. 9. The WTRU 920 receivestransmissions from the APs 905, 910 and 915, and reports its location toeach of the APs 905, 910 and 915. Based upon the reported locations ofthe WTRU 920 and the APs 905, 910 and 915, each of the APs 905, 910 and915 may launch a protocol which transmits a sequence of messages,requesting a positive acknowledgement (ACK) or a negativeacknowledgement (NACK) from the WTRU 920, at varying effective codingrates higher and lower than the coding rate suggested by the nominaldistance between each respective AP 905, 910, 915 and the WTRU 920.Thus, the protocol establishes a criteria which dictates, based onlocation of the WTRU 920 with respect to the locations of the APs 905,910 and 915, whether the WTRU may decode transmissions received from theAPs 905, 910 and 915. If the location reported by the WTRU 920 isdetermined to be correct, the protocol will then verify the authenticityof the location of the WTRU 920 by processing ACK/NACK messages receivedfrom the WTRU 920 in response to the sequence of messages.

Verification of the authenticity of the WTRU 920 may also be performedsuch that the WTRU 920, (or a user of the WTRU 920), and the APs 905,910 and 915 share a common secret. For example, if APs 905, 910 and 915require the location indicated by the WTRU 920 to be authenticated, theAPs 905, 910 and 915 send a “challenge question” via a plurality ofPDUs, which may be fragmented or encrypted as described above, such thatthe “challenge question” would be decipherable by the WTRU 920 only ifthe WTRU 920 is located as indicated. Thus, the WTRU 920 would not beable to “answer” the “challenge question” unless it was located at aposition where the “challenge question” could be deciphered.

FIG. 10 shows an example of a hierarchical modulation (HM) scheme,defined by a combination of primary and secondary modulation schemes,which, in this case, are QPSK and BPSK respectively. It is well knownthat a QPSK modulation scheme is defined by 4 modulation points, whichtogether constitute the QPSK modulation constellation. The modulationpoints represent carrier phases of π/2, 3π/2, −π/2 and −3π/2 and denotetwo bits 00, 01, 10 and 11 respectively. Similarly, it is well knownthat a BPSK modulation scheme is defined by 2 modulation points, whichtogether constitute the BPSK modulation constellation. The modulationpoints represent carrier phases of +δ and −δ radians, and denote one bit0 or 1 respectively. In turn, the HM scheme is defined by 8 modulationpoints, constructed from the primary and secondary modulationconstellations.

The HM modulation points represent carrier phases of (π/2−δ), (π/2+δ),(3π/2−δ), (3π/2+δ), (−π/2−δ), (−π/2+δ), (−3π/2−δ), (−3π/2+δ) and denotethree bits 000, 001, 010, 011, 100, 101, 110 and 111 respectively. These8 modulation points constitute four (4) clusters, each including two (2)closely spaced modulation points. For example, the modulationrepresented by the carrier phases (π/2−δ), (π/2+δ) would constitute acluster. The transmitter sends a sequence of symbols taken from the HMconstellation over a wireless channel, which attenuates and contaminatesthe signal as it travels farther from the transmitter. A receiver whichis close to the transmitter will, in general, receive a signal with goodsignal strength and signal quality, so that it can detect the carrierphase and hence the 3 bits accurately. However, a receiver which is farfrom the transmitter will, in general, receive a signal with lowersignal strength and signal quality, so that it may not be able todiscriminate between the closely spaced modulation points in eachcluster, although it can determine which cluster the transmitted symbolsbelongs to. Thus, such a receiver can detect the primary modulation butnot the secondary modulation. Accordingly, the receiver can detect twobits of data but not the third bit.

This embodiment of the present invention may be used for implementing asecurity or trust zone. The data associated with the primary modulationpoints, that is the first 2 bits, is encoded or encrypted or scrambledwith a secret key and the secret key itself is transmitted via the3^(rd) bit of a sequence of symbols. Thus, a receiver within the trustzone can detect the key and use it to decode or decrypt or descramblethe primary data. A receiver outside of the trust zone can detect theprimary data but not the secret key, and thus cannot decode or decryptor descramble the primary data. Any modulation scheme may be used forthe primary and the secondary modulation schemes of the presentinvention. Examples include M-ary PSK, M-ary FSK, M-ary QAM, or thelike. Furthermore, only selected modulation points in the primarymodulation constellation may be superimposed with secondary clusters.Finally, more than two levels of hierarchy may be imposed. For example,QPSK on BPSK on BPSK represents a three-level HM.

In another embodiment, a layered HM scheme may be implemented. FIG. 10shows a simple two-level scheme where the main waveform is a QPSK signaloverlaid with a biphase shift keying (BPSK) HM. When a receiver's SNR ishigh, it is possible to distinguish all constellation points. As the SNRdecreases, it becomes difficult to distinguish the points of the BPSKhierarchy from the nominal QPSK constellation points and hence the HMdata is lost.

In accordance with the present invention, scrambled data is modulated inthe main waveform and descrambling information is encoded in the HM.When the receiver is located within a zone where the HM is discernable,the descrambling information enables successful reception. When thereceiver is too far away and hence unable to extract the HM data, thedescrambling information has to be explicitly requested through otherchannels. By varying the power allocated to the HM waveform, the rangecan be zone controlled.

Although the features and elements of the present invention aredescribed in the preferred embodiments in particular combinations, eachfeature or element can be used alone without the other features andelements of the preferred embodiments or in various combinations with orwithout other features and elements of the present invention.

1. In a wireless communication system including a plurality of wirelesstransmit/receive units (WTRUs) used to transmit and receive wirelesscommunications, a method for securing the wireless communicationscomprising: establishing a plurality of non-overlapping trust zonesassociated with a particular one of the WTRUs; and the particular WTRUtransmitting a wireless communication signal including modulated datasuch that the wireless communication signal can be demodulated ifreceived in a first one of the trust zones but cannot be demodulated ifreceived in a second one of the trust zones.
 2. The method of claim 1wherein the first trust zone covers an area which extends from theparticular WTRU to a first distance from the particular WTRU.
 3. Themethod of claim 2 wherein the second trust zone covers an area whichextends from the first distance to a second distance that is furtheraway from the particular WTRU than the first distance.
 4. The method ofclaim 1 wherein the wireless communication signal is scrambled and canbe descrambled in the second trust zone if a scrambling sequence isdetermined.
 5. The method of claim 4 wherein the scrambling sequence isprovided if a user associated with a receiver located in the secondtrust zone is authenticated.
 6. The method of claim 1 wherein a securitylevel associated with the wireless communication signal is a function ofthe distance of a device that receives the wireless communication signalfrom the particular WTRU.
 7. The method of claim 1 wherein a securitylevel associated with the wireless communication signal is a function ofa signal-to-noise ratio (SNR) per information bit of the wirelesscommunication signal.
 8. The method of claim 1 wherein a security levelassociated with the wireless communication signal is a function of thepower level of the wireless communication signal.
 9. The method of claim1 wherein a security level associated with the wireless communicationsignal is a function of a code rate associated with the wirelesscommunication signal.
 10. The method of claim 1 wherein a security levelassociated with the wireless communication signal is a function of anormalized security proximity radius (NSPR) associated with each of thetrust zones.
 11. In a wireless communication system including aplurality of wireless transmit/receive units (WTRUs) used to transmitand receive wireless communications, a method for securing the wirelesscommunications comprising: establishing a plurality of non-overlappingtrust zones associated with a particular one of the WTRUs; andassociating different security levels with each of the trust zones,wherein a communication device that receives a wireless communicationsignal transmitted by the particular WTRU is required to operate inaccordance with a security policy associated with the trust zone inwhich the device is located.
 12. The method of claim 11 wherein a firstone of the trust zones covers an area which extends from the particularWTRU to a first distance from the particular WTRU.
 13. The method ofclaim 12 wherein a second one of the trust zones covers an area whichextends from the first distance to a second distance that is furtheraway from the particular WTRU than the first distance.
 14. The method ofclaim 11 wherein the wireless communication signal transmitted by theparticular WTRU includes modulated data such that the security policy ofthe first trust zone allows the wireless communication signal to bedemodulated if the communication device is located in the first trustzone, but the security policy of the second trust zone does not allowthe wireless communication signal to be demodulated if the communicationdevice is located in the second trust zone.
 15. The method of claim 14wherein the wireless communication signal is scrambled and can bedescrambled in the second trust zone if a scrambling sequence isdetermined.
 16. The method of claim 15 wherein the scrambling sequenceis provided to the communication device if a user associated with thecommunication device is authenticated when located in the second trustzone.
 17. The method of claim 11 wherein a security level associatedwith the wireless communication signal is a function of the distance ofthe communication device from the particular WTRU.
 18. The method ofclaim 11 wherein a security level associated with the wirelesscommunication signal is a function of a signal-to-noise ratio (SNR) perinformation bit of the wireless communication signal.
 19. The method ofclaim 11 wherein a security level associated with the wirelesscommunication signal is a function of the power level of the wirelesscommunication signal.
 20. The method of claim 11 wherein a securitylevel associated with the wireless communication signal is a function ofa code rate associated with the wireless communication signal.
 21. Themethod of claim 11 wherein a security level associated with the wirelesscommunication signal is a function of a normalized security proximityradius (NSPR) associated with each of the trust zones.
 22. In a wirelesscommunication system including a plurality of access points (APs) and atleast one wireless transmit/receive unit, a method of securing wirelesscommunications comprising: each of the APs transmitting a fragment of abit stream to the WTRU, wherein the WTRU is located in an area where atransmission pattern radiated from each of the APs intersect; and theWTRU reassembling the fragments into the bit stream.
 23. The method ofclaim 22 wherein it is not possible to receive all of the fragments at alocation outside of the area where the AP transmission patternsintersect.
 24. The method of claim 22 wherein each of the bit streamfragments is incorporated in a respective packet data unit (PDU), andthe WTRU reassembles the respective PDUs into a service data unit (SDU).25. The method of claim 22 wherein the WTRU reports the location of theWTRU to each of the APs and the APs transmit a sequence of messages atvarying effective coding rates which request a positive acknowledgement(ACK) or a negative acknowledgement (NACK) from the WTRU, such that theAPs can determine whether the location of the WTRU is correct.
 26. Themethod of claim 25 wherein the APs determine whether the WTRU can decodetransmissions sent by the APs.
 27. The method of claim 25 wherein theAPs verify the authenticity of the WTRU by sending a challenge questionvia a plurality of packet data units (PDUs) to the WTRU such that thechallenge question would be decipherable by the WTRU and answered by theWTRU only if the WTRU is located at the location reported by the WTRU.28. A wireless communication system for securing wirelesscommunications, the system comprising: a receiver; and a wirelesstransmit/receive unit (WTRU) configured to establish a plurality ofnon-overlapping trust zones by transmitting a wireless communicationsignal that includes modulated data such that the wireless communicationsignal can be demodulated by the receiver if the receiver is located ina first one of the trust zones but cannot be demodulated if the receiveris located in a second one of the trust zones.
 29. The system of claim28 wherein the first trust zone covers an area which extends from theWTRU to a first distance from the WTRU.
 30. The system of claim 29wherein the second trust zone covers an area which extends from thefirst distance to a second distance that is further away from theparticular WTRU than the first distance.
 31. The system of claim 28wherein the wireless communication signal is scrambled and can bedescrambled in the second trust zone if a scrambling sequence isdetermined.
 32. The system of claim 31 wherein the scrambling sequenceis provided to the receiver if a user associated with a receiver locatedin the second trust zone is authenticated.
 33. The system of claim 28wherein a security level associated with the wireless communicationsignal is a function of the distance of the receiver from the WTRU. 34.The system of claim 28 wherein a security level associated with thewireless communication signal is a function of the Doppler spread of thewireless communication signal.
 35. The system of claim 28 wherein asecurity level associated with the wireless communication signal is afunction of a signal-to-noise ratio (SNR) per information bit of thewireless communication signal.
 36. The system of claim 28 wherein asecurity level associated with the wireless communication signal is afunction of the power level of the wireless communication signal. 37.The system of claim 28 wherein a security level associated with thewireless communication signal is a function of a code rate associatedwith the wireless communication signal.
 38. The system of claim 28wherein a security level associated with the wireless communicationsignal is a function of a normalized security proximity radius (NSPR)associated with each of the trust zones.
 39. A wireless communicationsystem for securing wireless communications, the system comprising: awireless transmit/receive unit (WTRU); a first access point (AP) fortransmitting a first portion of a bit stream to the WTRU; and a secondAP for transmitting a second portion of the bit stream to the WTRU,wherein the WTRU is located in an area where a transmission patternradiated from each of the first and second APs intersect, and the WTRUreassembles the first and second portions into the bit stream.
 40. Thesystem of claim 39 wherein it is not possible to receive both of theportions of the bit stream at a location outside of the area wheretransmission patterns of the first and second APs intersect.
 41. Thesystem of claim 39 wherein the first portion of the bit stream isincorporated in a first packet data unit (PDU), the second portion ofthe bit stream is incorporated in a second PDU and the WTRU reassemblesthe first and second PDUs into a service data unit (SDU).
 42. The systemof claim 39 wherein the WTRU reports the location of the WTRU to each ofthe APs and the APs transmit a sequence of messages at varying effectivecoding rates which request a positive acknowledgement (ACK) or anegative acknowledgement (NACK) from the WTRU, such that the APs candetermine whether the location of the WTRU is correct.
 43. The system ofclaim 42 wherein the APs determine whether the WTRU can decodetransmissions sent by the APs.
 44. The system of claim 42 wherein theAPs verify the authenticity of the WTRU by sending a challenge questionvia a plurality of packet data units (PDUs) to the WTRU such that thechallenge question would be decipherable by the WTRU and answered by theWTRU only if the WTRU is located at the location reported by the WTRU.45. A wireless communication system for securing wirelesscommunications, the system comprising: a wireless transmit/receive unit(WTRU); a first access point (AP) for transmitting a first packet dataunit (PDU) to the WTRU; and a second AP for transmitting a second PDU tothe WTRU, wherein the WTRU is located in an area where a transmissionpattern radiated from each of the first and second APs intersect, andthe WTRU performs a function on the first and second PDUs to derive aservice data unit (SDU).
 46. The system of claim 45 wherein it is notpossible to receive both of the first and second PDUs at a locationoutside of the area where transmission patterns of the first and secondAPs intersect.
 47. The system of claim 45 wherein the function is anexclusive-or (XOR) function.
 48. The system of claim 45 wherein the WTRUreports the location of the WTRU to each of the APs and the APs transmita sequence of messages at varying effective coding rates which request apositive acknowledgement (ACK) or a negative acknowledgement (NACK) fromthe WTRU, such that the APs can determine whether the location of theWTRU is correct.
 49. The system of claim 48 wherein the APs determinewhether the WTRU can decode transmissions sent by the APs.
 50. Thesystem of claim 48 wherein the APs verify the authenticity of the WTRUby sending a challenge question via a plurality of packet data units(PDUs) to the WTRU such that the challenge question would bedecipherable by the WTRU and answered by the WTRU only if the WTRU islocated at the location reported by the WTRU.
 51. In a wirelesscommunication system in which a transmitter sends wirelesscommunications to a receiver, wherein the wireless communicationsinclude a sequence of symbols represented by a plurality of primarymodulation points of a modulation constellation, a method for securingthe wireless communications comprising: (a) replacing each primarymodulation point with a cluster of secondary modulation points locatedin close proximity to one another; (b) the receiver discriminatingbetween the secondary modulation points in the cluster; and (c) thereceiver demodulating the secondary modulation points to decipher thesymbols.
 52. The method of claim 51 wherein there are four primarymodulation points in the modulation constellation, each of which isdefined by two data bits.
 53. The method of claim 52 wherein there are atotal of eight secondary modulation points in the modulationconstellation, two in each cluster, each of which is defined by threedata bits.
 54. The method of claim 51 wherein each primary modulationpoint is generated by phase-shift keying (PSK).
 55. The method of claim51 wherein each primary modulation point is generated by frequency-shiftkeying (FSK).
 56. The method of claim 51 wherein each primary modulationpoint is generated by quadrature amplitude modulation (QAM).
 57. Themethod of claim 51 wherein each secondary modulation point is generatedby phase-shift keying (PSK).
 58. The method of claim 51 wherein eachsecondary modulation point is generated by frequency-shift keying (FSK).59. The method of claim 51 wherein each secondary modulation point isgenerated by quadrature amplitude modulation (QAM).
 60. A wirelesscommunication system for securing wireless communications, the systemcomprising: (a) a receiver; and (a) a transmitter for transmitting tothe receiver wireless communications which include a sequence of symbolsrepresented by a plurality of primary modulation points of a modulationconstellation, wherein the transmitter replaces each primary modulationpoint with a cluster of secondary modulation points located in closeproximity to one another, the receiver discriminates between thesecondary modulation points in the cluster, and the receiver demodulatesthe secondary modulation points to decipher the symbols.
 61. The systemof claim 60 wherein there are four primary modulation points in themodulation constellation, each of which is defined by two data bits. 62.The system of claim 61 wherein there are a total of eight secondarymodulation points in the modulation constellation, two in each cluster,each of which is defined by three data bits.
 63. The system of claim 60wherein each primary modulation point is generated by phase-shift keying(PSK).
 64. The system of claim 60 wherein each primary modulation pointis generated by frequency-shift keying (FSK).
 65. The system of claim 60wherein each primary modulation point is generated by quadratureamplitude modulation (QAM).
 66. The system of claim 60 wherein eachsecondary modulation point is generated by phase-shift keying (PSK). 67.The system of claim 60 wherein each secondary modulation point isgenerated by frequency-shift keying (FSK).
 68. The system of claim 60wherein each secondary modulation point is generated by quadratureamplitude modulation (QAM).
 69. In a wireless communication systemincluding a transmitter and a receiver, the transmitter being configuredto transmit wireless communications to the receiver, a method forsecuring the wireless communications comprising: (a) the transmittertransmitting a main waveform which overlays a quadrature phase shiftkeying (QPSK) signal with hierarchical modulation (HM); (b) thetransmitter modulating scrambled data in the main waveform; (c) thetransmitter encoding descrambling information in the HM; and (d) thereceiver extracting the descrambling information in the HM anddemodulating the scrambled data when the distance between the receiverand the transmitter does not exceed a particular threshold.
 70. Themethod of claim 69 wherein the HM is biphase shift keying (BPSK) HM. 71.The method of claim 69 further comprising: (e) the transmitter varyingpower allocated to the HM waveform to adjust the particular threshold.72. A wireless communication system for securing wireless communicationscomprising: a receiver; and a transmitter configured to transmit a mainwaveform which overlays a quadrature phase shift keying (QPSK) signalwith hierarchical modulation (HM), modulates scrambled data in the mainwaveform and encodes descrambling information in the HM, wherein thereceiver extracts the descrambling information in the HM and demodulatesthe scrambled data when the receiver is in the vicinity of thetransmitter.
 73. The system of claim 72 wherein the HM is biphase shiftkeying (BPSK) HM.
 74. The system of claim 72 wherein the transmittervaries power allocated to the HM waveform.
 75. A wireless communicationsystem for securing wireless communications, the system comprising: atransmitter comprising: a first protocol stack unit for generating aninformation stream; a channel encoder for encoding the informationstream for error protection; a rate matching unit for rate matching theinformation stream; a multi-layer secure bit (MLSB) scrambler forscrambling channel symbols; and a first physical channel processing unitfor transmitting wireless communications including the scrambled channelsymbols over a wireless channel; and a receiver comprising: a secondphysical channel processing unit for receiving the wirelesscommunications; a MLSB descrambler for descrambling the channel symbolsof the wireless communications; a rate de-matching unit for de-matchingthe rate of the wireless communications; a channel decoder for decodingthe information stream; and a second protocol stack unit for processingthe decoded information stream.
 76. The system of claim 75 wherein ifthe receiver is informed through auxiliary means that the receivershould be able to successfully demodulate the information stream, but isin fact unable to do so after a sufficiently large number of attempts,the receiver assumes that the wireless channel is being tampered with.77. In a transmitter, a first integrated circuit (IC) for securingwireless communications transmitted over a wireless channel, the firstIC comprising: a first protocol stack unit for generating an informationstream; a channel encoder for encoding the information stream for errorprotection; a rate matching unit; a multi-layer secure bit (MLSB)scrambler for scrambling channel symbols; and a first physical channelprocessing unit.
 78. In a receiver which communicates with thetransmitter of claim 77, a second integrated circuit (IC) for securingwireless communications received over a wireless channel, the second ICcomprising: a second physical channel processing unit for receiving thewireless communications; a MLSB descrambler for descrambling channelsymbols of the wireless communications; a rate de-matching unit for ratematching an information stream in the wireless communications; a channeldecoder for decoding the information stream; and a second protocol stackunit for processing the decoded information stream.
 79. The second IC ofclaim 78 wherein if the receiver is informed through auxiliary meansthat the receiver should be able to successfully demodulate theinformation stream, but is in fact unable to do so after a sufficientlylarge number of attempts, the receiver assumes that the wireless channelis being tampered with.